Can you offer tips for keeping social media accounts and activity secure and compliant?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Ask the Expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
The first thing you should remember when considering social media security is that everything said on social media is inherently public. You should plan to follow the same guidelines you use for any release of public information when considering a social media presence. The news is full of organizations that have been burned when someone with access to a corporate social media account posted offensive content, intentionally or accidentally, to the organization's feed.
Next, carefully control the passwords to your social media accounts. Make sure that each account is protected with a strong password and that the password is known only to a very small number of individuals. Unfortunately, most social media services are set up in a consumer-oriented fashion and do not have advanced access controls that allow delegation of posting authority, etc. If you need to grant multiple people access to your account, consider using a third-party service that mediates access without requiring shared passwords.
Finally, use common sense when it comes to social media and compliance requirements. Obviously, social media should never be used for credit card processing or to exchange other sensitive information. Publicly traded companies should also be aware of their obligations under Securities and Exchange Commission (SEC) information disclosure regulations. The CEOs of Twitter and Zipcar both recently learned this the hard way when they ran afoul of Regulation Fair Disclosure by posting information to their social media accounts, which had not been filed with the SEC in advance. Information security managers may not have a lot of direct control over what their CEOs do on social media or otherwise, but it's wise to at least do your best to incorporate dos and don'ts into the organization's social media security and compliance best practices policy.
Dig Deeper on Social media security risks and real-time communication security
Related Q&A from Mike Chapple
A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach ...continue reading
The proposed CFTC regulations on cybersecurity testing are set to finalize in 2016. Expert Mike Chapple discusses the effects these regulations have ...continue reading
Whether Apple is a HIPAA covered entity was called into question when it advertised for a health regulations lawyer. Expert Mike Chapple discusses ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.